More than $3 billion has been raised through so-called initial coin offerings so far in 2017. Yet while numerous of these have already proven to be good old-fashioned scams, regulators in Washington have remained relatively quiet aside from warning issuers that at least some coins sold in ICOs could be considered securities; publishing a statement saying celebrity endorsements of ICOs may be unlawful without appropriate disclosures around compensation; and bringing two cases against fraudulent coin offerings.

That wait-and-see stance looks to evolve into much more action in 2018, suggest those who’ve either spoken with the Securities and Exchange Commission or otherwise have a vested interest in its rulings. (The SEC isn’t commenting publicly on its specific plans.)

Just Friday, a new division of the agency that’s focused on ICOs filed charges against an outfit called PlexCoin that reportedly raised $15 million from thousands of investors by promising a 1,354 percent return in 29 days or less. The person spearheading the effort — Dominic Lacroix — is a serial violator of SEC laws, says the agency, which describes him in its filing as a “recidivist securities law violator in Canada,” so this one might have been easy pickings.

Still, Ethereum co-founder Joe Lubin told us onstage last month that he is among other blockchain experts who has spoken to the SEC, and he described the staffers with whom he has talked as “very interested people who are trying to understand the context that’s evolving around them . . . They are certainly in information-gathering mode.”

I fought the law and the law won

Without question, the SEC isn’t blind to the ICO fever that’s sweeping the globe and has already prompted regulators in China and South Korea to ban them outright — and regulators in Switzerland and Singapore and Japan to meanwhile welcome them with open arms.

Former Wall Street attorney turned SEC Chairman Jay Clayton said at a recent meeting at the Federal Reserve Bank of New York that the agency is planning to pursue offerings that violate securities laws, telling those gathered that, “Where we see fraud and where we see people engaging in offerings that are not registered, we are going to pursue them because these types of things have a destabilizing effect on the market.”

It’s a stronger statement than Clayton offered in September, when, speaking at an event in Washington, he said it “would shock me if you don’t see pump-and-dump schemes in the initial coin offering space . . .This is an area where I’m concerned about what’s going to happen to retail investors.”

In these coin offerings, investors typically pay using bitcoin and other virtual currencies. In the PlexCoin case, Lacroix was accepting credit card payments via PayPal, Stripe and Shopify, but he raised the bulk of the $15 million via ethereum, Litecoin and other cryptocurrencies, which can be harder to trace and recover because they’re sent outside the traditional financial system.

In addition to past violations, Lacroix was an easy target for the SEC owing to the sensational language PlexCoin used to entice potential investors, telling them to obtain its “tokenized currency” so they could “Take control of [THEIR] money!”

Equally suspect: telling investors that the identity of PlexCorps’ executives had to be kept hidden to avoid poaching by competitors and for privacy concerns.

Words do concern those who’d like to see regulators work with — and not shut down — ICOs more broadly. Lubin, who today runs ConsenSys, a studio building decentralized applications, told us onstage, for example, that his “legal team and all of our legal advisors are not comfortable with the term ICO,” because it sounds a lot like IPO. “There are different types of token launches. Some of them can be tokenized securities; some of them can utility or protocol tokens. If you’re issuing a utility token based on your work, the SEC would not deem that a security.”

It isn’t just the acronym that concerns him. Lubin argued that if issuers use language “that the SEC believes will cause you to lead token buyers into a purchase with the expectation that they’ll make some profits off the agency of others, that can [also] be deemed a security.”

I needed money ’cause I had none

But former SEC commission Joe Grundfest clearly thinks it a joke to suggest that investors are buying tokens of any kind without assuming they’ll profit from them. Speaking with Dealbook early last week, Grundfest, who today teaches on law and business at Stanford, said it was clear that those buying tokens are buying them with the hope that their value will rise, full stop.

He added that few of the projects raising money through ICOs truly have a need for the structure. In fact, he called ICOs the “most pervasive, open and notorious violation of federal securities laws since the Code of Hammurabi.

“It’s more than the extent of the violation,” he’d said. “It’s the almost comedic quality of the violation.”

Perhaps it’s because Grundfest so publicly wondered about the dearth of SEC enforcements that the SEC took action this past Friday against PlexCoin. Either way, don’t be surprised if a kind of sweep is coming.

Speaking on that same panel with us last month, venture capitalist Rebecca Lynn of Canvas Ventures compared the current ICO environment to the earliest days of online lending, before regulators descended onto the scene.

Lynn — who led an early investment in the online lender LendingClub while with her previous employer, Morgenthaler Ventures — remembers well the language that the company and competitors like Prosper used and the boldness with which they launched into the world, intent on cutting out the middleman.

“It wasn’t that different,” she said. “Disintermediation of the banks. Frictionless. Peer-to-peer. Not regulated. And guess what? They became regulated, and Prosper got hit with a huge class-action lawsuit, because people lost a lot of money early [on].” (LendingClub has more recently been hit with a class-action shareholder lawsuit, too.)

“I don’t see this as different,” she said. “ICOs will absolutely be regulated,” she said. “We’ve seen this game before.”

Shriram Bhashyam, co-founder of the secondary marketplace EquityZen (and a former securities attorney) agrees, saying the “steady drumbeat” of small actions we’ve seen from the SEC is likely just the beginning, and that while the SEC has been picking off the “outright fraud and scams” and “low-hanging fruit,” what the agency is likely looking for right now are the “stronger cases that will send a message” that it’s establishing rules of the road.

At this point, Grundfest would hardly be alone in welcoming them. Even Bradley Tusk, a political strategist known for helping companies navigate the regulatory waters, says a kind of regulatory road map is overdue at this point. “I’m usually the guy fighting these things, but with ICOs, it’s such a confusing landscape and no one knows what the rules are, and so much of the efficacy of the system is based on trust.”

It’s “hard to know what the f_ck is going on over there” at the SEC, says Tusk. “But not only would rules provide consumers some basic protections, he says, but they might also ensure that the “bad actors and fly-by-nights” don’t blow it for everyone else.